Blurry Box Cryptography

Kerckhoffs’ Principle

Auguste Kerckhoffs postulated his eponymous principle back in the 19th century: "A cryptosystem should be secure even if everything about the system, except for the key, is public knowledge". This means that an effective method does not have to be kept secret. If it were, you should wonder why.

Wibu-Systems has been true to this principle for several years. While many other dongles in the market are based on proprietary algorithms, Wibu-Systems already began to use the well-known public FEAL algorithm and published the key derivation scheme in the manual of WibuBox back in 1992, when WibuKey was first launched. While a number of – unpublished – systems were cracked at an early stage, WibuKey was able to withstand the test of time, until the 40-bit key (used due to export restrictions) became too small. The current WibuBoxes use a key length of 64-bit and have never been cracked to this day. The first release of CodeMeter, which then followed in 2003, deployed AES 256-bit, yet another public encryption algorithm. And again, no CmDongles have been cracked to this day.

The Concept

Unlike the encryption process that occurs in a dongle, no means of integrating secure protections in software have been published so far. This translates into "Security by Obscurity", the exact opposite of what Kerckhoffs’ Principle predicates. These unpublished methods can neither be evaluated nor compared with one another. Here again, Wibu-Systems has been offering the opportunity to discuss the methods and functionality of CodeMeter Protection Suite during its lectures and events.

With Blurry Box, cryptography is raised to a new level. Blurry Box cryptography offers software protection that is completely based on publicly available methods and that can thus be assessed and compared. Needless to say, Blurry Box cryptography can be combined with the traditional methods of CodeMeter Protection Suite.

The basic principle of Blurry Box cryptography is the use of one or more secure keys in a dongle and the fact that software is typically complex. Its goal is to make the effort required to illicitly copy software higher than the effort needed to completely rewrite the same software. In essence, nobody could stop an attacker who knows how a given piece of software works from simply building a similar piece of software – nobody but the sheer effort involved.

The Methods

Blurry Box cryptography consists of seven methods, which increases the effort required to create a counterfeit to the point that it becomes easier and faster to re-develop the software from scratch.

Creation of Variants

To increase the complexity of the software, software functions are reproduced as variants of the function. A wrapper function selects which variant is executed depending on the given input parameters of the function.

Modification of Variants

The individual variants are modified to only work in the range of values valid for each variant. This prevents attackers from patching the wrapper function to only execute the same variant every time.

Encryption of Variants

All variants are encrypted to stop attackers from reverse engineering the code without first decrypting it.

Inserting Traps

In addition to the already generated variants, further variants are inserted as traps and encrypted. A trap contains a lock code, meaning that if the trap is decrypted via the dongle, the dongle self-locks and can no longer be used for decrypting. This prevents an attacker from decrypting all methods without reverse engineering.

Choice of the Variant in the Dongle

The wrapper function uses the dongle to select the variant. For this purpose, the input parameters are sent to the dongle, and the variant to be used is returned. This makes it no longer possible for the attacker to distinguish the required variants simply by reverse engineering a decrypted wrapper function. He would have to run the code for all possible input parameters to be able to pinpoint it with absolute certainty.

State Engine in the Dongle

The developer knows that functions can only be executed in the order he has chosen. The last decryption method is stored in the dongle as a state. The next decryption will then check whether this state was met. If not, a trap can be triggered to prevent an attacker from trying all variants at any given point in the software. He would always have to go back to the starting point, which increases the complexity of the attack.

Decryption Delay

In normal operation, only a certain number of decrypts can be performed every 30 seconds. This number is stored as a decrypt threshold in the dongle. The dongle paces its decryption work accordingly. In addition to making the process more complex, this mechanism slows down any attacker.

Summary

Blurry Box cryptography uses seven published methods that greatly increase the complexity and time required for an attack to be successful. In the end, it would be easier and less expensive for the would-be attacker to develop similar software from scratch.

Blurry Box cryptography can be combined with the anti-debug and obfuscation methods typical of CodeMeter Protection Suite. With Blurry Box, software protection becomes measurable and comparable. No blind faith needed: You buy a solution that has been thoroughly tested and accepted by experts in the field.